package freejim.icu.highschoolhealthstatuspost.config;

import freejim.icu.highschoolhealthstatuspost.service.UserService;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

import javax.annotation.Resource;
import java.io.PrintWriter;

@Configuration
@EnableWebSecurity
public class UserSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();
        http.antMatcher("/user/**").authorizeRequests()
                .antMatchers("/user/login_frontend").permitAll()
                .anyRequest().hasAuthority("USER").and()
                .formLogin()
                .loginPage("/user/login_frontend")
                .successHandler((req, res, authentication) -> {
                    System.out.println("成功登录");
                    PrintWriter out = res.getWriter();
                    out.write("ok");
                    out.flush();
                    out.close();
                }).and()
                .logout()
                .logoutUrl("/user/logout")
                .logoutSuccessUrl("/user/login_frontend");
    }

    @Bean
    PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }

    @Resource
    PasswordEncoder passwordEncoder;

    @Resource
    UserService userService;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
          auth.userDetailsService(userService);
          auth.jdbcAuthentication().passwordEncoder(passwordEncoder).rolePrefix("");
    }

    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/css/**", "/img/**", "/**/*.png");
    }

    @Configuration
    @Order(102)
    public static class DgutAuth extends WebSecurityConfigurerAdapter {
        protected void configure(HttpSecurity http) throws Exception {
            http.csrf().disable();
            http.apply(new JLoginConfigurer<>());
            http.antMatcher("/login/dgut").authorizeRequests()
                    .anyRequest().hasAuthority("USER").and()
                    .formLogin()
                    .loginPage("/user/login_frontend")
                    .successHandler((req, res, authentication) -> {
                        System.out.println("成功登录");
                        PrintWriter out = res.getWriter();
                        out.write("ok");
                        out.flush();
                        out.close();
                    }).and()
                    .logout()
                    .logoutUrl("/user/logout")
                    .logoutSuccessUrl("/user/login_frontend");
        }
    }

}
